consolesoft.com is closing
Moderator: DosItHelp
consolesoft.com is closing
Hi, I've been away from batch programming for some time.
I was maintaining since 2014 my personal site on windows console programming: consolesoft.com
Sometimes in this forum I published some links to it.
Someone recently wrote me for my bg program.
The bg program is a collection of program for do things like print text in colors, or read a pressed key arrow in the command.
Kmstick module become falsely detected by 25 of 68 antivirus. I decided to give him the latest update. I removed the kmstick from the bg project.
Also I rescan all the modules: the keystick program was a detection rate of 4/68. All the other programs of the bg project was keeped clean with 0 detections.
The generic false detection for a lightweight console program by the antivirus is out of my control. I do not pretend in the future recompile again the same source code for bypass a false detection.
In the case of keystick moduke I simple add a exported function called foo that do nothing. Same code logic, recompile and the detections become 0/68.
Also, the executables available on the site are for convenience, because always the source code has been available and also the command line instructions for compile it. If you read the source you will not found anything malicious.
Seems that many of the false detections are from generic things. In my experience the main cause is lightweight console program.
For me the most serious antivirus is Kaspersky. The other assign different names for generic things (false positives).
I will not continue publishing or maintaining the site, because that's the way it has been during the last time.
However, I created images of the site with archive.org: https://web.archive.org/web/20180902164 ... esoft.com/
Therefore, the content of the site will remain available.
Some of the most emblematic things for me are the following:
Bg https://web.archive.org/web/20180926041 ... .com/p/bg/
Bhx https://web.archive.org/web/20180922000 ... com/p/bhx/
Batch https://web.archive.org/web/20180902093 ... com/batch/
Cmd XP 65001 Fix https://web.archive.org/web/20180902165 ... 65001-fix/
(Nostalgic 16-bit) Reply.com https://web.archive.org/web/20180902083 ... ld-school/
Best regards, Carlos.
I was maintaining since 2014 my personal site on windows console programming: consolesoft.com
Sometimes in this forum I published some links to it.
Someone recently wrote me for my bg program.
The bg program is a collection of program for do things like print text in colors, or read a pressed key arrow in the command.
Kmstick module become falsely detected by 25 of 68 antivirus. I decided to give him the latest update. I removed the kmstick from the bg project.
Also I rescan all the modules: the keystick program was a detection rate of 4/68. All the other programs of the bg project was keeped clean with 0 detections.
The generic false detection for a lightweight console program by the antivirus is out of my control. I do not pretend in the future recompile again the same source code for bypass a false detection.
In the case of keystick moduke I simple add a exported function called foo that do nothing. Same code logic, recompile and the detections become 0/68.
Also, the executables available on the site are for convenience, because always the source code has been available and also the command line instructions for compile it. If you read the source you will not found anything malicious.
Seems that many of the false detections are from generic things. In my experience the main cause is lightweight console program.
For me the most serious antivirus is Kaspersky. The other assign different names for generic things (false positives).
I will not continue publishing or maintaining the site, because that's the way it has been during the last time.
However, I created images of the site with archive.org: https://web.archive.org/web/20180902164 ... esoft.com/
Therefore, the content of the site will remain available.
Some of the most emblematic things for me are the following:
Bg https://web.archive.org/web/20180926041 ... .com/p/bg/
Bhx https://web.archive.org/web/20180922000 ... com/p/bhx/
Batch https://web.archive.org/web/20180902093 ... com/batch/
Cmd XP 65001 Fix https://web.archive.org/web/20180902165 ... 65001-fix/
(Nostalgic 16-bit) Reply.com https://web.archive.org/web/20180902083 ... ld-school/
Best regards, Carlos.
Last edited by carlos on 26 Dec 2018 19:42, edited 7 times in total.
Re: consolesoft.com is closing
Hi Carlos
I appreciate that you provide a mirroring of your site in order to keep all of the helpful tools alive. Thank you so much!
Steffen
I appreciate that you provide a mirroring of your site in order to keep all of the helpful tools alive. Thank you so much!
Steffen
-
- Posts: 46
- Joined: 13 Sep 2017 18:37
Re: consolesoft.com is closing
Hiya Carlos!
Thanks for providing archives for your projects, and thanks for bg.exe! v3.0a is still my go-to for simple, quick, all-in-one control of console display and keyboard input. Hopefully fscreen.exe (fullscreen) is in there somewhere, I think that one's really neat!
Thanks for providing archives for your projects, and thanks for bg.exe! v3.0a is still my go-to for simple, quick, all-in-one control of console display and keyboard input. Hopefully fscreen.exe (fullscreen) is in there somewhere, I think that one's really neat!
Re: consolesoft.com is closing
Thanks.
I will support the site a little bit more time., but I will apply code signing of the executables.
I hope have nice notices about this.
I will support the site a little bit more time., but I will apply code signing of the executables.
I hope have nice notices about this.
-
- Posts: 208
- Joined: 26 Dec 2013 09:28
- Contact:
Re: consolesoft.com is closing
Hi Carlos et al,
I've just spent couple hours to adapt the archive to github https://github.com/ildar-shaimordanov/c ... oft-mirror. Anyone can fork and continue to support and improve the tools.
I've just spent couple hours to adapt the archive to github https://github.com/ildar-shaimordanov/c ... oft-mirror. Anyone can fork and continue to support and improve the tools.
Re: consolesoft.com is closing
Many thanks siberia-man.
In the future I would like to be able to sign the executables, although it is a bit expensive.
Also publish a new version of bg that I have never published and it becomes a kind of internal command, but for this it is essential to be able to sign the executable.
But in the meantime, I am very happy that there is a repository of all that I posted on the site.
In the future I would like to be able to sign the executables, although it is a bit expensive.
Also publish a new version of bg that I have never published and it becomes a kind of internal command, but for this it is essential to be able to sign the executable.
But in the meantime, I am very happy that there is a repository of all that I posted on the site.
-
- Posts: 46
- Joined: 13 Sep 2017 18:37
Re: consolesoft.com is closing
Only you can reproduce the autograph, so why buy a certificate from a trusted authority ? "becomes a kind of internal command" what do you mean ? Are you talking about the warning one can get when executing a downloaded "untrusted" file for the first time ?carlos wrote: ↑16 Sep 2018 19:11Many thanks siberia-man.
In the future I would like to be able to sign the executables, although it is a bit expensive.
Also publish a new version of bg that I have never published and it becomes a kind of internal command, but for this it is essential to be able to sign the executable.
But in the meantime, I am very happy that there is a repository of all that I posted on the site.
Re: consolesoft.com is closing
I agree. The only benefit of code signing is that you can make sure the executable was not altered during uploading, on the web host, or during downloading.
Because of your concerns about false positives I already wrote some notes over there:
viewtopic.php?f=3&t=7570&p=57914#p57914
Steffen
Because of your concerns about false positives I already wrote some notes over there:
viewtopic.php?f=3&t=7570&p=57914#p57914
Steffen
Re: consolesoft.com is closing
@siberia-man :
I updated things on the site (for posterity) and publish: Bhx 5.7, Bg 3.8, Sha1 1.0.1, Fscreen 1.0.1, And removed Out 1.0 (basically it is the print version of bg) . Is possible update the repository or can you add me as collaborator?
@CirothUngol
Is really faster.
You would be surprised at the difference, that is gained for not load/unload same executable over and over by the operating system.
Edit: I be updated example_1.cmd controlling the use of goto. Using that technique, the performance is anyway good.
@Ed Dyreen, @aGerman
Because it uses a technique called "dll injection" that increment the possibilities of be detected as false positive. I think that signing it, this will be removed.
Based on this notice, that in this case not apply to my program because is not malware.
https://securityaffairs.co/wordpress/65 ... lware.html
But if antivirus are seduced by digital signatures, maybe this is a solution for avoid the false positives that can damn the reputation of legitime software.
I updated things on the site (for posterity) and publish: Bhx 5.7, Bg 3.8, Sha1 1.0.1, Fscreen 1.0.1, And removed Out 1.0 (basically it is the print version of bg) . Is possible update the repository or can you add me as collaborator?
@CirothUngol
Is really faster.
You would be surprised at the difference, that is gained for not load/unload same executable over and over by the operating system.
Edit: I be updated example_1.cmd controlling the use of goto. Using that technique, the performance is anyway good.
@Ed Dyreen, @aGerman
Because it uses a technique called "dll injection" that increment the possibilities of be detected as false positive. I think that signing it, this will be removed.
Based on this notice, that in this case not apply to my program because is not malware.
https://securityaffairs.co/wordpress/65 ... lware.html
But if antivirus are seduced by digital signatures, maybe this is a solution for avoid the false positives that can damn the reputation of legitime software.
Last edited by carlos on 20 Sep 2018 14:32, edited 3 times in total.
-
- Posts: 208
- Joined: 26 Dec 2013 09:28
- Contact:
Re: consolesoft.com is closing
@Carlos:
I asked some questions through the local PM. Please check the forum's inbox.
I asked some questions through the local PM. Please check the forum's inbox.
Re: consolesoft.com is closing
Could it not be that the antivirus digital signature is actually a hash, which would explain why your program passes if you add some blanks ? Because the way I learned it all a digital signature does is proving that the application was not altered after it has been signed. A trusted authority should not provide a certificate if they find your program to be malicious but I doubt this will stop an AV from scanning the file for malware signatures ( HASH ).carlos wrote: ↑18 Sep 2018 23:12@Ed Dyreen, @aGerman
Because it uses a technique called "dll injection" that increment the possibilities of be detected as false positive. I think that signing it, this will be removed.
Based on this notice, that in this case not apply to my program because is not malware.
https://securityaffairs.co/wordpress/65 ... lware.html
But if antivirus are seduced by digital signatures, maybe this is a solution for avoid the false positives that can damn the reputation of legitime software.
Re: consolesoft.com is closing
@Ed Dyreen
My questions is if the antivirus become more noble and do not report as generic false hashes that have different names, to indicate for example console application of few bytes, if the executable is signed by a trusted authority.
@siberia-man: Many thanks for provide me the ownership of the repository. Ildar did a esplendid work converting the site in a browsable github repository.
In the future I hope sign the binaries (for my tranquility) in the releases section of the repository.
Thus, at the end of this year, consolesoft.com will be not available but the code will be available here: https://github.com/carlos-montiers/consolesoft-mirror
My questions is if the antivirus become more noble and do not report as generic false hashes that have different names, to indicate for example console application of few bytes, if the executable is signed by a trusted authority.
@siberia-man: Many thanks for provide me the ownership of the repository. Ildar did a esplendid work converting the site in a browsable github repository.
In the future I hope sign the binaries (for my tranquility) in the releases section of the repository.
Thus, at the end of this year, consolesoft.com will be not available but the code will be available here: https://github.com/carlos-montiers/consolesoft-mirror
-
- Posts: 208
- Joined: 26 Dec 2013 09:28
- Contact:
Re: consolesoft.com is closing
Hi Carlos,
You are welcome! I have never used your tools. Don't know, if I use them or not use in the future. At least I can see that a lot of people use them and give positive feedback. I thought that your big work must be stored so other people could continue development in the case if you decide to stop developing them and drop supporting at all. Hope, my tiny contribution will help you or others to support your tools easier. There is one possible way -- restructure the repository and create github pages to make them presentable similar to former consolesoft.com. Never used this option, so can't give more hints except to look into help pages.
You are welcome! I have never used your tools. Don't know, if I use them or not use in the future. At least I can see that a lot of people use them and give positive feedback. I thought that your big work must be stored so other people could continue development in the case if you decide to stop developing them and drop supporting at all. Hope, my tiny contribution will help you or others to support your tools easier. There is one possible way -- restructure the repository and create github pages to make them presentable similar to former consolesoft.com. Never used this option, so can't give more hints except to look into help pages.